Search Result

Search Tags: Ron Ross

If recent events on the cybersecurity front have scared the heck out of you, well, good. There's a lot you can do. How about start by reading the latest version of the government's premier publications on how to assess whether your security and privacy controls are adequate for today's hacker-plagued world? Dr. Ron Ross, FISMA Implementation Project and Joint Task Force Leader at the National Institute of Standards and Technology, joined Tom Temin on the Federal Drive to discuss what's in the newest revision of Special Publication 800-53-A.

Non-federal organizations and contractors may have sensitive federal information on their computers, but there are no consistent rules on how to keep that information secure. The treatment of Controlled Unclassified Information is the focus of a new set of recommendations. Ron Ross is a National Institute of Standards and Technology fellow. He is the lead author of the new guide, and joined Tom Temin on the Federal Drive to explain more.

Experts say that one way to eliminate cybersecurity vulnerabilities is to build cyber defenses into the wide range of information technology devices that are rapidly becoming part of the "Internet of things". Baked-in cybersecurity is the goal of new draft guidelines recently proposed by the National Institute of Standards and Technology. In this edition of "AFCEA Answers", Dr. Ron Ross, senior computer scientist and information security researcher with NIST, joins us to discuss SP 800-160, proposals which would mandate the design of cyber protection into the hardware and software of the next generation of IT products and services. Also, Dr. Ross discusses how SP 800-160 is part of the continuing work on the federal government's cybersecurity framework.

The National Institute of Standards and Technology has launched a four-part plan to help agencies build more secure IT systems. NIST Computer Scientist Ron Ross, who guided a new publication on the issue, tells the Federal Drive with Tom Temin and Emily Kopp that the same engineering principles that apply to bridges and buildings should apply to IT. That is, security should be built in, not added later.

The goal is to more accurately evaluate the security of the government's computer networks and systems. These efforts could bring more consistency to the cyber auditing process and engender more confidence in its results.

The inconsistent way inspectors general review the security of federal networks and computers is causing uncertainty around what is working and what isn't in the federal government. A recent State Department IG management alert is a prime example of this growing disconnect.

For over a decade, experts have been forecasting a shortage in trained cybersecurity
professionals. And the demand for those experts continues, even as government and
industry notes an uptick in the number and the nature of cyber threats. On this
edition of "AFCEA Answers", we get a report card on efforts to educate and train the
cybersecurity workforce with Dr. Ron Ross from NIST; Pat Delaney from University of
Maryland University College; and Chris May from Carnegie Mellon University's CERT
program.

Ron Ross of the National Institute of Standards and Technology wants feedback on the agency's IT security and privacy controls. Deputy Commissioner Wanda Rogers of the Treasury Department's Financial Management Service talks about the final transition to E-Payments. Philip Lohaus is a research fellow with the American Enterprise Institute and former Defense Department analyst who has studied and blogged about how the CIA is two organizations in one.

The agency plans to release solicitations to help agencies implement sensors to detect threats, followed by industry-provided services to analyze them. Congress approved $183 million to begin in 2013 to help get continuous monitoring off the ground more quickly.